|
Title: Ellipal Post by: bitcats on October 24, 2022, 02:54:25 PM Has anyone tested the new ellipal titan mini wallet?
Title: Re: Ellipal Post by: AB de Royse777 on October 24, 2022, 03:14:54 PM Has anyone tested the new ellipal titan mini wallet? No idea what were you talking about until I did some search. Is this (https://www.ellipal.com/) what you are talking about? It seems a kind of hardware wallet same as Leger, Trezor?PS: You still got an animated avatar. Just a heads up, if you change it then you will never have this type of animated avatar again. Title: Re: Ellipal Post by: Little Mouse on October 24, 2022, 03:35:55 PM I personally haven't used this (have ledger and safepal- no promotion). Ledger research team had spent times on Ellipal Titan wallet and was able to break their security. (https://donjon.ledger.com/Ellipal-Security/) This doesn't seem good though I haven't found if they had solve that issue.
You also may check out this thread- https://bitcointalk.org/index.php?topic=5361456.0 Title: Re: Ellipal Post by: bitcats on October 24, 2022, 04:23:36 PM Is this (https://www.ellipal.com/) what you are talking about? It seems a kind of hardware wallet same as Leger, Trezor? Yes that's the wallet. PS: You still got an animated avatar. Just a heads up, if you change it then you will never have this type of animated avatar again. Thanks for the hint. I don't intend to change the avatar. Quote Ledger research team had spent times on Ellipal That's very informative. I think they've improved the security on the new Titan wallet.Title: Re: Ellipal Post by: bitmover on October 24, 2022, 05:29:54 PM I personally haven't used this (have ledger and safepal- no promotion). Ledger research team had spent times on Ellipal Titan wallet and was able to break their security. (https://donjon.ledger.com/Ellipal-Security/) This doesn't seem good though I haven't found if they had solve that issue. Thanks for sharing. Ledger even won a bihnty from their bug bounty program. The vulnerabilities were fixed: Quote https://blog.ledger.com/Ellipal-Security this kind of device, the security can be guaranteed only if: The software running is genuine: very difficult to guarantee this on a Android phone) The software is well written and flawless: We hope, we could help for this The attacker has no physical access to the device - or a very strong password Consequently, the security model of the device is very similar to the Bitfi wallet one. Anyway, I wouldn't risk my coins in such device as it doesn't look as safe as a ledger. Title: Re: Ellipal Post by: o_e_l_e_o on October 24, 2022, 06:07:42 PM I think they've improved the security on the new Titan wallet. The vulnerabilities were fixed: It's true that the Ledger Donjon review linked to above was from the old Ellipal wallet, but I think it's worth taking a closer look at what they found. The Ellipal wallet was just the board from an Android mobile phone with a new case on it. It still had all the same capabilities as an Android phone, including WiFi and booting to a factory testing mode, that were simply soft locked by the software and trivially re-enabled. Ledger were able to connect up a USB port without issue, access the bootloader, and dump the private keys, which is a very basic attack.They were essentially marketing a mobile phone on flight mode as a hardware wallet. This is incredible amateurish, if not borderline scammy, and is enough to mean I will never touch one of their devices, even if they say they have improved on all these things. Also, it is closed source. Title: Re: Ellipal Post by: dkbit98 on October 24, 2022, 10:47:05 PM Has anyone tested the new ellipal titan mini wallet? No I didn't test it, and I don't know anyone who purchased this wallet.I think they have nice price, and they are one of the cheapest air-gapped devices, but offering one more closed source hardware wallet is not what I am looking for. There are cheaper DIY open source alternatives that are also air-gapped, like SeedSigner or Krux, and Jade wallet will soon become airgapped with upcoming firmware update. They were essentially marketing a mobile phone on flight mode as a hardware wallet. This is incredible amateurish, if not borderline scammy, and is enough to mean I will never touch one of their devices, even if they say they have improved on all these things. Also, it is closed source. Yeah, they pretty much ruined their reputation with this amateur move, but they can always try to improve in future.However, I don't see anything special with this new Ellipal Mini version, and it's part of my list of wallet manufacturers to be avoided, along with Safepal that is also coming from China. Title: Re: Ellipal Post by: SFR10 on October 26, 2022, 02:04:32 PM Has anyone tested the new ellipal titan mini wallet? Considering that they're going to "ship it in the first week of November (https://twitter.com/ellipalwallet/status/1582383500099047424)", it's safe to say that none of us had the opportunity to test their new product!I think they've improved the security on the new Titan wallet. If you count having "less support for shitcoins (https://www.ellipal.com/pages/coldwallet) [refer to its comparison table]" as a "major" improvement with regard to its security, then sure but I don't think it's going to be enough for most users.- The way I see it, it's still the same product with a smaller shell! |